ID CVE-2014-9850
Summary Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).
References
Vulnerable Configurations
  • cpe:2.3:o:opensuse_project:suse_linux_enterprise_workstation_extension:12.0:sp1
    cpe:2.3:o:opensuse_project:suse_linux_enterprise_workstation_extension:12.0:sp1
  • cpe:2.3:o:opensuse_project:suse_linux_enterprise_desktop:12.0:sp1
    cpe:2.3:o:opensuse_project:suse_linux_enterprise_desktop:12.0:sp1
  • cpe:2.3:o:opensuse_project:suse_linux_enterprise_software_development_kit:12.0:sp1
    cpe:2.3:o:opensuse_project:suse_linux_enterprise_software_development_kit:12.0:sp1
  • cpe:2.3:o:opensuse_project:leap:42.1
    cpe:2.3:o:opensuse_project:leap:42.1
  • cpe:2.3:o:opensuse_project:suse_linux_enterprise_server:12.0:sp1
    cpe:2.3:o:opensuse_project:suse_linux_enterprise_server:12.0:sp1
  • OpenSUSE Project OpenSUSE 13.2
    cpe:2.3:o:opensuse_project:opensuse:13.2
  • Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts
  • Canonical Ubuntu Linux 16.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:16.04:-:-:-:lts
  • Canonical Ubuntu Linux 16.10
    cpe:2.3:o:canonical:ubuntu_linux:16.10
  • Canonical Ubuntu Linux 12.04 LTS
    cpe:2.3:o:canonical:ubuntu_linux:12.04:-:-:-:lts
  • ImageMagick 6.8.8-9
    cpe:2.3:a:imagemagick:imagemagick:6.8.8-9
CVSS
Base: 5.0 (as of 22-03-2017 - 12:42)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
refmap via4
confirm
mlist [oss-security] 20160602 Re: ImageMagick CVEs
suse
  • SUSE-SU-2016:1784
  • openSUSE-SU-2016:1748
  • openSUSE-SU-2016:1833
ubuntu USN-3131-1
Last major update 22-03-2017 - 13:23
Published 20-03-2017 - 12:59
Back to Top